huntgroups question

Mike May mmay3 at
Mon Nov 20 18:47:23 CET 2006

Hello Alex, I have just gone through this exact scenario and University of
Notre Dame, if you want to give me a call I can talk in detail what the
solution was here at ND and it may be of help


Email me directly at mmay3 at and we can go over the solution in which I




From: at
[ at] On
Behalf Of Alexandru Dincov
Sent: Monday, November 20, 2006 11:36 AM
To: freeradius-devel at
Subject: huntgroups question


We plan to use freeradius for authenticating remote access to more than 2000
network devices (CISCO, Nortel, etc.) and we want to do some access control
based on huntgroups. Users and RADIUS profiles are stored in an LDAP
backend. Following freeradius documentation, we have to define all 2000+ IP
addresses in huntgroups configuration file, apparently there is no way to
use IP ranges for defining huntgroups. But this solution (having one
huntgroups configuration file with more than 2000 entries for each
freeradius server) would be very difficult to maintain. Anyone knows if
there are any limitations in huntgroups size? Are there other solutions to
have huntgroups functionality (access control based on NAS-IP-Address or
Client-IP-Address) using IP address ranges?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Devel mailing list